Case Study: Verifiable Data Sanitization – Sanitizing HDDs and SSDs for a Fortune 500 Company

By Aidin Aghamiri

In the data center and IT enterprise worlds, there can be hundreds of thousands of computer drives that make up the system. Many of these drives are the older hard disk drive (HDD) technology, well on their way to retirement and/or end of life processing. The other drives are contemporary solid state drive (SSD) technology, typically with many, many hours of use left in their lifecycle. Regardless of which technology is being employed at any particular location, a distinct commonality exists. All of these drives will at some point need to have whatever data is stored on them completely and totally removed. Disk shredding is one path for complete data removal; however, this is a destructive process and will eliminate any possibility for remarketing and value recovery. The other option is forensic grade data sanitization, a tried and true process for HDDs and now, a proven reality for SSDs.

The Opportunity

This case study involves a Fortune 500 internet information provider with data center locations around the world. Inside their data centers are both HDDs and SSDs. The initial need was for guaranteed forensic level sanitization of SSDs. It was not an issue of these drives reaching end-of-life usage, but rather these drives were failing early on in their lifetime. As SSDs are expensive, much more so than HDDs, the program was inspired by a need to return these drives to the manufacturer for a refund. Before these drives could be returned, they needed to be fully sanitized, including verification that all data and data fragments were removed from each SSD. Being able to fully sanitize an SSD and have a verifiable process allowed this company to implement a return merchandise authorization (RMA) program that saved the company millions of dollars each year.

Solid State Sanitization

Everyone has heard the stories about how SSDs cannot be forensically sanitized, and historically this has been the case. I say “has been the case” because technology has moved forward and there are now techniques in use that provide guaranteed and verifiable forensic-level data sanitization.

While it is beyond the scope of this article to go into the inner workings of SSDs, the challenges associated with SSD sanitization relate to something called “wear-leveling,” a technique used to extend the life of the drive. An overly simplified explanation of wear-leveling would be to draw a parallel to sporting events and the fact that players are rotated in and out of the game to avoid fatigue. Something similar is implemented for wear-leveling, and this is made possible by the fact that not all of the memory capability is available to the user at all times. With some memory accessible and other memory temporarily out of play, an understanding of the challenges associated with sanitizing SSDs becomes a little more obvious. For comprehensive data removal, the software needs to access and overwrite data in all areas of the drive, including those that are currently not available to the user. While this sounds easy, there are many subtleties in the process that require special attention. And, due to a current lack of standards, not all manufacturers' systems respond identically to firmware commands. The good news is that techniques can be implemented which overwrite all the data on the drive, including information in what are currently the out-of-use areas. This makes guaranteed forensic-level sanitization possible.

The Loose SSD Project

So, the program began with verifiable data sanitization being performed on SSD drives that had failed and been removed from the racks. Failed drives were securely shipped to a common location and then sanitized using a proprietary software product that was capable of not only overwriting all the data and data fragments at every location on that SSD, but also could verify that it had successfully done so. With verification of successful data erasure throughout the entire drive, a Certificate of Sanitization (CoS) was made available for that particular drive. This document was very important to the company as it mitigated the risk of data breaches.
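The wear-leveling problem and the verify-then-certify step described above, as an added example (not the proprietary software the article describes): a constructed toy model of a flash translation layer in which a host-level overwrite leaves stale data in unmapped pages, and a per-drive record is issued only after every physical page passes verification. The class, function and serial names are assumptions made for illustration.

```python
ERASED = b"\xff"  # constructed model: an erased page reads as 0xFF

class ToySSD:
    """Constructed toy flash translation layer, not real drive firmware."""
    def __init__(self, logical_pages, spare_pages, serial):
        self.serial, self.logical_pages = serial, logical_pages
        self.phys = [ERASED] * (logical_pages + spare_pages)  # needs spare_pages >= 1
        self.map = {}                         # logical page -> physical page
        self.free = list(range(len(self.phys)))

    def write(self, lpn, data):
        # Wear-leveling: each write lands on a fresh physical page; the old
        # page is unmapped but keeps its contents until it is reclaimed.
        if not self.free:
            live = set(self.map.values())
            for ppn in range(len(self.phys)):
                if ppn not in live:
                    self.phys[ppn] = ERASED
                    self.free.append(ppn)
        ppn = self.free.pop(0)
        self.phys[ppn], self.map[lpn] = data, ppn

    def host_overwrite(self, pattern=b"\x00"):
        # All a host-side wipe can do: rewrite each user-visible address.
        for lpn in range(self.logical_pages):
            self.write(lpn, pattern)

    def sanitize_all(self):
        # Stand-in for a firmware-level sanitize that reaches every page.
        self.phys = [ERASED] * len(self.phys)
        self.map, self.free = {}, list(range(len(self.phys)))

    def residual_pages(self, allowed=(ERASED, b"\x00")):
        # Verification pass over every physical page, mapped or not.
        return [p for p, d in enumerate(self.phys) if d not in allowed]

def certificate(drive):
    """Issue a per-drive record only when verification finds no residue."""
    if drive.residual_pages():
        return None
    return {"serial": drive.serial, "pages_verified": len(drive.phys)}

def demo():
    d = ToySSD(4, 2, "CONSTRUCTED-0001")     # 4 user pages, 2 spare pages
    for lpn in range(4):
        d.write(lpn, b"secret-%d" % lpn)     # constructed sample data
    d.host_overwrite()
    leftover, before = d.residual_pages(), certificate(d)
    d.sanitize_all()
    return leftover, before, certificate(d)
```

In this model the host overwrite reports success for every user-visible address, yet two physical pages still hold the original data until the whole-device pass runs, which is why verification has to cover pages the host cannot address.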

End of Life Joins the Program

For this company, the loose SSD sanitization program was so successful that they decided to try the sanitization software on their end-of-life assets which were usually HDDs, but not always. After continued success with sanitizing racks of drives (still mounted, not loose), the company expanded the data sanitization program to other locations. As the program progressed to include more of their global locations, the sanitization software and its capabilities also matured.

Today, this company is using this data sanitization software to sanitize both HDDs and SSDs globally. While RMA processing is still performed at a few select locations, the software can now remotely sanitize racks of drives (large volumes) over their network. When new storage assets are added to their system, any decommissioned assets, still in the racks at their operating location, are sanitized and verified remotely.

This company states the benefits of the program and the data sanitization software as:

  • Drive-agnostic, the software provides a single, simplified workflow that works for all drives, regardless of manufacturer or type
  • High performance and fully scalable data sanitization software – largest job of 580 racks (approx. 180,000 drives) took only a few hours
  • Certificates of Sanitization allow traceability to each individual drive
  • Failed drives that require removal from the racks are easily located by the software’s management system

About the Author

Aidin Aghamiri

Aidin Aghamiri is the VP, Corporate Strategy for ITRenew.